CVE-2020-0069
In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-147882143References: M-ALPS04356754
Published at
2020-03-10
677 days ago
Modified
2020-05-27
599 days ago
2020
Year
The year of the turtle
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-mtk-en
CONFIRM:http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-mtk-en
https://source.android.com/security/bulletin/2020-03-01
MISC:https://source.android.com/security/bulletin/2020-03-01
Vulnerability RAW
{
"Title": {
"_text": "CVE-2020-0069"
},
"Notes": {
"Note": [
{
"_text": "In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-147882143References: M-ALPS04356754"
},
{
"_text": "2020-03-10"
},
{
"_text": "2020-05-27"
}
]
},
"CVE": {
"_text": "CVE-2020-0069"
},
"References": {
"Reference": [
{
"URL": {
"_text": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-mtk-en"
},
"Description": {
"_text": "CONFIRM:http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200527-01-mtk-en"
}
},
{
"URL": {
"_text": "https://source.android.com/security/bulletin/2020-03-01"
},
"Description": {
"_text": "MISC:https://source.android.com/security/bulletin/2020-03-01"
}
}
]
}
}